A Better Path for Apps: Respecting Users and Their Privacy

Earlier this week, a Singapore-based iOS software developer made a startling discovery while working with the popular social-networking app Path: in the course of every new account creation, Path uploads the new user’s entire iPhone address book to their servers. To its credit, Path responded quickly, with its CEO and co-founder Dave Morin explaining that they use the address book data for “friend-finding” and “nothing more.” He also asserted that this technique was an industry standard for social iOS apps.

That response wasn’t enough to contain the firestorm of angry user reactions. Within a day, news of the address book upload had spread, and researchers discovered evidence of similar behavior by other apps, like the photo-sharing service Hipster. Path publicly apologized and promised to delete the address book data stored on their servers, and to begin using an opt-in system immediately. Hipster has also apologized, and plans to host an “Application Privacy Summit” at their office this month.

The strong user reaction demonstrates a fact that online privacy advocates repeat often: even as norms of sharing evolve online and in the social networking space, users still value their privacy highly. Users want control over how their data is shared, even if they ultimately choose to share it. By collecting information about not only Path users but also all of their contacts, Path violated the trust and the privacy of their community (not to mention their own privacy policy), and witnessed the backlash.

In their apology, Path acknowledged that the way they designed the “Add Friends” feature was wrong, which is true. As they acknowledged, they could have generated a “hash” of the e-mail addresses to provide a unique identifier. This would have allowed the matches necessary for friend finding, while being incapable of being converted back into the original address. Hopefully they will adopt this protection soon.

They also could have provided reasonable disclosure of the information they were collecting, but even that is not enough — applications on Android OS allow granular permission control, for example, but many users simply click through the installation process. Users need information present in a clear and understandable manner that allows them to make intelligent choices.

Setting aside the question of whether Apple should even allow applications free access to sensitive user data like contact information, the route Path has now chosen — an affirmative opt-in process that explains what Path will collect — is certainly a good start.
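The hashed "Add Friends" flow the post describes, combined with the opt-in gate, looks roughly like the following. This is an added illustration, not Path's code: the client normalises each contact address, uploads only a SHA-256 digest, and the server matches those digests against digests of its own registered users, so unmatched contacts never arrive in plaintext. The registered users and the sample address book are constructed for the example; the function names are mine.

```python
import hashlib
from typing import Dict, Iterable, List


def normalize_email(addr: str) -> str:
    """Canonicalise an address so the same mailbox hashes identically
    regardless of letter case or stray whitespace (constructed rule;
    real deployments need to agree on exactly one normalisation)."""
    return addr.strip().lower()


def hash_email(addr: str) -> str:
    """Digest of a normalised address. Only this value leaves the phone."""
    return hashlib.sha256(normalize_email(addr).encode("utf-8")).hexdigest()


# Server side (constructed sample): the service keeps a digest for each
# registered user instead of the user's raw address.
REGISTERED_USERS: Dict[str, str] = {
    hash_email("alice@example.com"): "alice",
    hash_email("Bob@Example.com"): "bob",
}


def prepare_upload(address_book: Iterable[str], opted_in: bool) -> List[str]:
    """Client side: produce the upload payload.

    Nothing is uploaded unless the user affirmatively opted in; with consent,
    the payload is a de-duplicated list of digests, never addresses."""
    if not opted_in:
        return []
    return sorted({hash_email(a) for a in address_book})


def find_friends(uploaded_hashes: Iterable[str],
                 registry: Dict[str, str] = REGISTERED_USERS) -> List[str]:
    """Server side: return the usernames whose digest appears in the upload.
    Digests that match nobody carry no address to retain or leak."""
    return sorted(registry[h] for h in uploaded_hashes if h in registry)


if __name__ == "__main__":
    # Constructed address book from a new user's phone.
    book = ["BOB@example.com", "carol@example.com", " alice@example.com "]
    print(find_friends(prepare_upload(book, opted_in=False)))  # []
    print(find_friends(prepare_upload(book, opted_in=True)))   # ['alice', 'bob']
```

Two caveats worth keeping in mind when reading the sketch: the digests must be computed over a single agreed normalisation, or the same mailbox written with different capitalisation will fail to match; and a plain unsalted digest of an e-mail address can still be tested against a list of candidate addresses by anyone who obtains it, so the uploaded digests should be handled as sensitive data and discarded once matching is done rather than treated as harmless.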

Regardless of whether practices like checking addresses for friend-finding are “industry standard” in social apps, users expect and deserve respect from the providers of the services they use, and that means protecting the personal data needed to use the service. Hiding behind the rationale that a certain functionality is commonplace among similar apps is not sufficient; the process must be proper, whether it’s the uploading of data in the first place or its long-term storage.

In a Wired interview about the “privacy kerfuffle”, Morin assured Path users that the company stores address book data behind a firewall, and that they’re meeting with TRUSTe about their privacy policy compliance and keeping data secure. There was no mention of encrypting the data on the servers in case the firewall might fail. Even with industry standard security practices in place, the data is still vulnerable to a breach or a subpoena. Companies collecting personal data like Path have an obligation to keep as little personally identifiable data as necessary to provide their services.

Path is taking the right steps to recover from a public relations disaster, but providers of social services should take note: these problems are avoidable. Innovative products and rapid development are great, but service providers need to respect their users or be prepared to face the fallout.
